roll

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the install path is mostly legitimate same-org npm tooling, but the skill has notable internal inconsistencies about what 'Roll' service it targets, and it routes authenticated requests through Membrane as an intermediary rather than clearly to an official Roll API. This is not confirmed malware, but the purpose mismatch and proxy-based data flow make it higher risk than a normal single-service integration guide.

Confidence: 83%
Severity: 58%

Audit Metadata
Analyzed At: Apr 30, 2026, 04:06 PM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Froll%2F@fa15d22bc91dd1b80d7aebaceeae60866bbd68c8